Disney Allegedly Pwned By A Hacktivist Group
In an email on Monday to CNN, a hacktivist group claimed it stole roughly 1.2 terabytes of data from Disney’s Slack, including information about unreleased projects, raw images, computer code and some logins.
Nullbulge, the Russian hacktivist group, claimed it had gained access through “a man with Slack access who had cookies.”
“The user was aware we had them, he tried to kick us out once but let us walk right back in before the second time,” the email said.
The group also stated that its intention is to protect artists’ rights and compensation for their work in the age of AI.
Ted Miracco, CEO, Approov:
Here are comments from a security angle…
“Disney’s over-reliance on Slack for internal communications and data sharing highlights the supply chain risks that parallel the concerns raised by the Snowflake breach. Reliance on a single communication platform like Slack creates a centralized point of vulnerability, and a single compromised user can expose a vast amount of sensitive information.
“The recent breach of Disney’s Slack environment by the Russian hacktivist group Nullbulge raises several critical security concerns as it could have been easily avoided with better organizational cybersecurity practices. The breach was facilitated by an individual with legitimate Slack access who had their session cookies compromised. Using session cookies to gain unauthorized access points to insufficient security measures around session management. Implementing measures like short-lived session tokens, regular re-authentication, and stringent monitoring for anomalous session activities could mitigate such risks. The incident highlights the need for securing backend systems and APIs, as front-end security alone is insufficient.”
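The session-management controls Miracco lists, shown as an added example that is not code from Slack, Disney, Approov or the original post. It is a small server-side session store in Python with short absolute and idle lifetimes, step-up re-authentication for sensitive actions, an alert when the same cookie turns up from a different client, and a revoke-all that actually invalidates a stolen cookie. The timeout values, the user "artist", the IP addresses and the user-agent strings are all constructed for the walk-through; nothing here describes how Slack's own sessions work.

```python
"""Server-side session hygiene for a cookie-authenticated web app. Added example, not
Slack's, Disney's or Approov's code; policy values, users and clients are constructed."""
import hashlib
import secrets
import time
from dataclasses import dataclass

ABSOLUTE_TTL = 8 * 3600   # assumed policy: a session ends 8 h after login, active or not
IDLE_TTL = 30 * 60        # ...or after 30 min without a request
REAUTH_WINDOW = 5 * 60    # sensitive actions need a password/MFA check within 5 min

@dataclass
class Session:
    user: str
    created: float
    last_seen: float
    last_auth: float
    client_fp: str              # hash of (ip, user-agent) observed at login
    needs_reauth: bool = False
    revoked: bool = False

def fingerprint(ip: str, user_agent: str) -> str:
    return hashlib.sha256(f"{ip}|{user_agent}".encode()).hexdigest()[:16]

class SessionStore:
    """Sessions live server side, keyed by a hash of the cookie, so revocation here is final."""
    def __init__(self, now=time.time):
        self._now = now                       # injectable clock
        self._sessions: dict[str, Session] = {}
        self.alerts: list[str] = []           # what you would ship to the SIEM

    @staticmethod
    def _key(token: str) -> str:
        return hashlib.sha256(token.encode()).hexdigest()

    def login(self, user: str, ip: str, user_agent: str) -> str:
        token = secrets.token_urlsafe(32)     # 256 random bits; this is the cookie value
        t = self._now()
        self._sessions[self._key(token)] = Session(user, t, t, t, fingerprint(ip, user_agent))
        return token

    def validate(self, token: str, ip: str, user_agent: str):
        """Return (status, user). Only status "ok" grants access."""
        s = self._sessions.get(self._key(token))
        if s is None or s.revoked:
            return ("revoked" if s else "unknown"), None
        t = self._now()
        if t - s.created > ABSOLUTE_TTL or t - s.last_seen > IDLE_TTL:
            s.revoked = True                  # lifetime exceeded: dead for good
            return ("expired" if t - s.created > ABSOLUTE_TTL else "idle"), None
        if fingerprint(ip, user_agent) != s.client_fp and not s.needs_reauth:
            # Same cookie, different client: the replayed-cookie signal. Alert and
            # demand step-up instead of silently trusting the request.
            self.alerts.append(f"{s.user}: cookie replayed from {ip} ({user_agent})")
            s.needs_reauth = True
        s.last_seen = t
        return ("reauth" if s.needs_reauth else "ok"), s.user

    def reauthenticate(self, token, ip, user_agent, credential_ok: bool) -> bool:
        """Step-up: call once the user has re-proved password/MFA possession."""
        s = self._sessions.get(self._key(token))
        if s is None or s.revoked or not credential_ok:
            return False
        s.last_auth, s.needs_reauth = self._now(), False
        s.client_fp = fingerprint(ip, user_agent)   # the legitimate user moved; rebind
        return True

    def sensitive_action_allowed(self, token, ip, user_agent) -> bool:
        status, _ = self.validate(token, ip, user_agent)
        return status == "ok" and self._now() - self._sessions[self._key(token)].last_auth <= REAUTH_WINDOW

    def revoke_all(self, user: str) -> int:
        """What "kicking them out" must do: kill every session server side, so the
        stolen cookie stops working even though the attacker still holds its bytes."""
        live = [s for s in self._sessions.values() if s.user == user and not s.revoked]
        for s in live:
            s.revoked = True
        return len(live)

class FakeClock:                              # deterministic clock for the walk-through
    def __init__(self, start=1_700_000_000.0): self.t = start
    def __call__(self): return self.t
    def advance(self, seconds): self.t += seconds

def stolen_cookie_scenario():
    """Constructed walk-through: a cookie lifted from the victim's browser is replayed."""
    clock, out = FakeClock(), []
    store = SessionStore(now=clock)
    victim = ("10.0.0.5", "Mozilla/5.0 (desktop)")
    attacker = ("203.0.113.7", "python-requests/2.31")
    cookie = store.login("artist", *victim)
    out.append(store.validate(cookie, *victim)[0])                 # "ok"
    clock.advance(60)
    out.append(store.validate(cookie, *attacker)[0])               # "reauth", alert raised
    out.append(store.sensitive_action_allowed(cookie, *attacker))  # False
    out.append(store.revoke_all("artist"))                         # 1
    out.append(store.validate(cookie, *attacker)[0])               # "revoked": no walking back in
    return out, store.alerts
```

Two caveats on the design. Binding a session to IP and user-agent produces false positives for users on mobile networks or VPNs, which is why the example demands a step-up check and raises an alert rather than dropping the session outright; a real deployment would use coarser signals (ASN, geography, a device certificate) and tune the threshold. The second point is the one the quoted email hints at: "kicking out" an intruder only works if the server forgets the session. Changing a password or clearing cookies in one browser does nothing to a copy of the cookie the attacker already holds, so revocation must happen in the server-side store, and every session for the account should go at once.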
I suspect that Disney will have to do a lot of explaining on multiple fronts. It will be interesting to see how they respond to this alleged hack, and how they will explain what’s out there in terms of information.
This entry was posted on July 16, 2024 at 3:13 pm and is filed under Commentary with tags Hacked.